My WordPress Website Redirect to bigbricks.org and other site

Your site has been compromised (hacked). There are tons of posts and articles on how to de-hack a site. It can be done, but is very time-consuming.

At very least, update/reinstall everything (WordPress, Themes, plugins), change passwords for database and all admin users, remove any unknown admin users, look for extra php files (in every single folder on your site).

You might try the free WordFence plugin to scan your site and look for hacked files (delete them).

Assume that you’ll spend at least 20 hours in fixing/removing things.

Related Posts:

  1. What’s the effect if this malware if infected your WP?
  2. Malware on site [closed]
  3. How to find the backdoor of the hack
  4. My wordpress site was hacked – is my htaccess file compromised?
  5. My WordPress Blog sends malicious traffic to other sites [closed]
  6. Hacked WordPress website, as notified by Google Search Console, what to do? [closed]
  7. How was my WP site hacked [closed]
  8. If a WP install is hacked, can it spread to other domains on a server?
  9. Find and Replace text in the entire table using a MySQL query
  10. Is it a good idea to rename the “index.php” in “wp-admin” folder to avoid being hacked?
  11. How to fight this wp-info.php exploit? [closed]
  12. Prevent Hacking of WordPress Site [closed]
  13. Suspicious URLs being loaded after hack and restore
  14. Server hacked: correct contents of wp-uploads directory? [closed]
  15. Site hacked with malware [closed]
  16. Copy wordpress website pages and content
  17. How do I know if my WP Theme is using infamous TimThumb?
  18. Spam pages hack? [closed]
  19. Check for malicious code?
  20. Why would a hacker add this code to each post, and how to do mass cleanup?
  21. Is the current spate of hacks related to the recent security fix?
  22. I have removed the malware from our website however, when I tried again to search the word from Google it is still there [closed]
  23. Have I been hacked? Mysterious code at the top of theme files [closed]
  24. Strange codes in my wordpress site and my website is running too slow [closed]
  25. Spam Content Serving from old cached version of site?
  26. How to solve wordpress redirection (no malware was found)?
  27. Help determining if the following are legitimate files
  28. My blog was hacked? WP posting random posts
  29. Have I been hacked – getting new site setup email for 8 localhost wordpress sites
  30. Site Hacked – WordPress Divi Site – Cannot find where to fix the issue? [closed]
  31. malware in wordpress installer on dreamhost. [closed]
  32. Where I can find a list of WordPress security risks?
  33. looking for indoxploit hack solution [closed]
  34. Why functions.php file automatically empty?
  35. Bruteforce attack from 127.0.0.1?
  36. WordPress installer attack
  37. Why wordpress is hitting another url
  38. Where do hackers usually run their hacking script? [closed]
  39. Malicious Code in Index.php WordPress [closed]
  40. WP Site Hacked, Serp Google Spam [closed]
  41. My site appears to be hacked [closed]
  42. WordPress Redirect Hack
  43. Strings of malicious code to look for after a hack
  44. Hacked/cloaked sitemap [closed]
  45. Not able to change WordPress admin email. Someone added another admin credentials
  46. WordPress site hacked. Has .htaccess been hacked?
  47. Tips for finding SPAM links injected into the_content
  48. Scanning Database for malicious Data
  49. What should I do about hacked server?
  50. How can I find security hole in my wordpress site?
  51. Has anyone experience w/ WordPress (MultiSite) hidden users (possibly hacked)?
  52. Hacked website redirect, only on desktop, help with restoring it [closed]
  53. How do i disable/disallow and tags in TinyMCE?
  54. Change WP-Login or WP-Admin
  55. Security issues with WP sites
  56. How to prevent wp-login brute force attack from thousand of different IP? [duplicate]
  57. How To Clean The Malware Infected & Hacked WordPress Websites? [duplicate]
  58. Increased CPU load due to admin-ajax.php spam
  59. getting casino links on my woocommerce site [closed]
  60. How to locate & delete hidden pages on a site
  61. Verifying that I have fully removed a WordPress hack?
  62. How can I safely hide the fact that my website runs on WordPress? [closed]
  63. WordPress Footer Missing After Website Hack
  64. My WordPress Websites are always under attack
  65. Spam users registers even when registration is disabled
  66. What does this code do? (Injected code hacked)
  67. My WordPress website was hacked [closed]
  68. Some one is trying to hack my website, Need guidance [closed]
  69. Efficient way to check local WordPress php files and Database for malicious code? [duplicate]
  70. What can I do when an outside party hacks into my weblog and changes my display name?
  71. Any known bugs that could cause disappearance of the wp_users table?
  72. Is there any pre-existing plugin to track and block IPs with suspicious activity on my site?
  73. On new server, site got hacked, permissions a bit strange? Please help
  74. Website show Google Ads when we have no Google Ads linked to our website
  75. Multiple attempted logins originating from the server IP itself?
  76. Is there a simple way to set wordpress site files back to out of the box?
  77. Remove hacked code – out of ideas! [closed]
  78. Username was changed to “admin”
  79. Site blocked by WebSense on fresh WP Install
  80. WordPress disable direct access of files in WordPress installation path
  81. Am receiving more than thousand mails in single day from ‘[email protected]’ continuously
  82. Is this a hack? WordPress Usernames of every website we have changed into one single name automatically?
  83. How to bulk delete a certain part of all wordpress posts
  84. Should I prevent access to .htaccess and wp-config.php files?
  85. WordPress Database Re-installed (Hacked)
  86. How to log into WordPress via GET/POST
  87. Verifying that I have fully removed a WordPress hack?
  88. Subpage is redirecting to spam site
  89. how can i find malware code and remove from wordpress site to stop it redirecting to hackers click view pages
  90. Open content directory help!
  91. Replacing nav-menus.php file with standard clean one?
  92. Hacked site using transient API?
  93. After being hacked Fatal error: Call to undefined function get_header() in 404.php on line 1
  94. Could a user account with a stolen password compromised entire WP site?
  95. how to find the way they hacked my WP site
  96. How to stop repeated hack on header.php of custom theme? [closed]
  97. My WordPress site hacked with unwanted popups [closed]
  98. Redirected You too Many Times and Homepage Not Loading
  99. WordPress website is redirecting on some different shopping page
  100. WordPress broken dashboard with ninja-shell text
Hata!: SQLSTATE[HY000] [1045] Access denied for user 'divattrend_liink'@'localhost' (using password: YES)